Side-channel (SC) leakage from a cryptographic device chip is simulated as the dynamic current flowing out of the chip. When evaluating the simulated current, an evaluation by comparison with an actual measurement is essential; however, it is difficult to compare them directly. This is because a measured waveform is typically the output voltage of probe placed at the observation position outside the chip, and the actual dynamic current is modified by several transfer impedances. Therefore, in this paper, the probe voltage is converted into the dynamic current by using an EMC macro-model of a cryptographic device being evaluated. This paper shows that both the amplitude and the SC analysis (correlation power analysis and measurements to disclosure) results of the simulated dynamic current were evaluated appropriately by using the EMC macro-model. An evaluation confirms that the shape of the simulated current matches the measured one; moreover, the SC analysis results agreed with the measured ones well. On the basis of the results, it is confirmed that a register-transfer level (RTL) simulation of the dynamic current gives a reasonable estimation of SC traces.

A connector model expressed as an inductance is proposed for use in a previously reported common-mode antenna model. The common-mode antenna model is an equivalent model for estimating only common-mode radiation from a printed circuit board (PCB) more quickly and with less computational resources than a calculation method that fully divides the entire structure of the PCB into elemental cells, such as narrow signal traces and thin dielectric layers. Although the common-mode antenna model can estimate the amount of radiation on the basis of the pin configuration of the connector between two PCBs, the calculation results do not show the peak frequency shift in the radiation spectrum when there is a change in the pin configuration. A previous study suggested that the frequency shift depends on the total inductance of the connector, which led to the development of the connector model reported here, which takes into account the effective inductance of the connector. The common-mode antenna model with the developed connector model accurately simulates the peak frequency shift caused by a change in the connector pin configuration. The results agree well with measured spectra (error of 3 dB).

The plain bend in a pair of differential transmission lines causes a path difference, which leads to differential-to-common mode conversion due to the phase difference. This conversion can cause serious common-mode noise issues. We previously proposed a tightly coupled asymmetrically tapered bend to suppress forward differential-to-common mode conversion and derived the constraint conditions for high-density wiring. To provide sufficient suppression of mode conversion, however, the additional correction was required to make the effective path difference vanish. This paper proposes a practical and straightforward design methodology by using a very tightly coupled bend (decreasing the line width and the line separation of the tightly coupled bend). Full-wave simulations below 20GHz demonstrated that sufficient suppression of the forward differential-to-common mode conversion is successfully achieved as designed. Measurements showed that our design methodology is effective.

Pairing-based cryptography has realized a lot of innovative cryptographic applications such as attribute-based cryptography and semi homomorphic encryption. Pairing is a bilinear map constructed on a torsion group structure that is defined on a special class of elliptic curves, namely pairing-friendly curve. Pairing-friendly curves are roughly classified into supersingular and non supersingular curves. In these years, non supersingular pairing-friendly curves have been focused on from a security reason. Although non supersingular pairing-friendly curves have an ability to bridge various security levels with various parameter settings, most of software and hardware implementations tightly restrict them to achieve calculation efficiencies and avoid implementation difficulties. This paper shows an FPGA implementation that supports various parameter settings of pairings on non supersingular pairing-friendly curves for which Montgomery reduction, cyclic vector multiplication algorithm, projective coordinates, and Tate pairing have been combinatorially applied. Then, some experimental results with resource usages are shown.

In this paper, we propose a tightly coupled asymmetrically tapered bend to suppress differential-to-common mode conversion caused by bend discontinuity in a pair of differential lines. Tightly coupled symmetrically tapered bends have been so far proposed to suppress the mode conversion by decreasing the path difference in the bend. This approach makes the path difference shorter so that the differential lines are coupled more tightly but the path difference of twice the sum of the line width and the line separation still remains. To suppress the remaining path difference, this paper introduces the use of asymmetric tapers. In addition, two-section tapers are applied to reduce differential-mode reflection increased by the tapers and hence improve differential-mode propagation. A full-wave simulation of a right-angled bend demonstrates that the forward differential-to-common mode conversion is decreased by almost 30 dB compared to the symmetrically tapered bend and that the differential-mode reflection coefficient is reduced to the same amount as that of the classic bend. Also, the generality of the proposed bend structure is discussed.